This documentation is archived and is not being maintained.

IApplicationTrustManager Interface

Updated: August 2009

Determines whether an application should be executed and which set of permissions should be granted to the application.

Namespace:  System.Security.Policy
Assembly:  mscorlib (in mscorlib.dll)

public interface IApplicationTrustManager : ISecurityEncodable

Trust managers must implement the IApplicationTrustManager interface. The host calls the DetermineApplicationTrust method in the trust manager to determine whether an application should be executed and which permissions should be granted to the application.

In the .NET Framework 3.5 SP1, there is only one trust manager, which can be a custom implementation of the IApplicationTrustManager interface. The default trust manager implementation prompts the user for permission to install the application and elevate the permissions granted to the application. Other trust manager implementations might have different user experiences. For example, an implementation might check an enterprise list for trusted applications instead of prompting the user for that information.

The following code example shows a very simple implementation of IApplicationTrustManager.

// To use the custom trust manager MyTrustManager, compile it into CustomTrustManager.dll,  
// place that assembly in the GAC, and  put the following elements in 
// an ApplicationTrust.config file in the config folder in the Microsoft .NET framework 
// installation folder. 

//<?xml version="1.0" encoding="utf-8" ?>
//    <mscorlib> 
//        <security> 
//            <policy> 
//                <ApplicationSecurityManager> 
//                    <ApplicationEntries /> 
//                    <IApplicationTrustManager class="MyNamespace.MyTrustManager, CustomTrustManager, Version=, Culture=neutral, PublicKeyToken=5659fc598c2a503e"/>
//                </ApplicationSecurityManager> 
//            </policy> 
//        </security> 
//    </mscorlib> 

using System;
using System.Security;
using System.Security.Policy;
using System.Windows.Forms;
namespace MyNamespace
	public class MyTrustManager : IApplicationTrustManager
		public ApplicationTrust DetermineApplicationTrust(ActivationContext appContext, TrustManagerContext context)
			ApplicationTrust trust = new ApplicationTrust(appContext.Identity);
			trust.IsApplicationTrustedToRun = false;

			ApplicationSecurityInfo asi = new ApplicationSecurityInfo(appContext);
			trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing);
			if (context.UIContext == TrustManagerUIContext.Run)
				string message = "Do you want to run " + asi.ApplicationId.Name + " ?";
				string caption = "MyTrustManager";
				MessageBoxButtons buttons = MessageBoxButtons.YesNo;
				DialogResult result;

				// Displays the MessageBox.

				result = MessageBox.Show(message, caption, buttons);

				if (result == DialogResult.Yes)
					trust.IsApplicationTrustedToRun = true;
					if (context != null)
						trust.Persist = context.Persist;
						trust.Persist = false;

			return trust;

		public SecurityElement ToXml()
			SecurityElement se = new SecurityElement("IApplicationTrustManager");
			se.AddAttribute("class", typeof(MyTrustManager).AssemblyQualifiedName);
			return se;

		public void FromXml(SecurityElement se)
			if (se.Tag != "IApplicationTrustManager" || (string)se.Attributes["class"] != typeof(MyTrustManager).AssemblyQualifiedName)
				throw new ArgumentException("Invalid tag");

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0, 2.0




August 2009

Added information to Remarks about trust managers.

Customer feedback.